b'          U.S. Department of Energy\n          Office of Inspector General\n          Office of Audits and Inspections\n\n\n\n\nManagement Alert\nReview of Internal Controls for\nProtecting Non-Public Information at\nthe Federal Energy Regulatory\nCommission\n\n\n\n\nDOE/IG-0906                        April 2014\n\x0c                              Department of Energy\n                                 Washington, DC 20585\n                                       April 9, 2014\n\nMEMORANDUM FOR THE ACTING CHAIRMAN, FEDERAL ENERGY\n               REGULATORY COMMISSION\n\n\nFROM:                     Gregory H. Friedman\n                          Inspector General\n\nSUBJECT:                  Management Alert: Review of Internal Controls for Protecting\n                          Non-Public Information at the Federal Energy Regulatory\n                          Commission\n\nBACKGROUND\n\nIn March 2014, the Department of Energy (Department) Office of Inspector General\ninitiated a review of internal controls for protecting non-public information at the Federal\nEnergy Regulatory Commission (Commission). The review was initiated in response to\nan alleged leak of modeling studies exposing certain power grid vulnerabilities and of\nnon-public information relating to the investigation of the April 2013 attack on the\nPacific Gas and Electric Company\xe2\x80\x99s Metcalf substation located just south of San Jose,\nCalifornia. Information regarding the alleged leak was communicated to us by the\nCommission\xe2\x80\x99s Designated Agency Ethics Official. Further, we received a letter from the\nChairwoman and Ranking Member of the Senate Energy and Natural Resources\nCommittee requesting that we review the same matter.\n\nIMMEDIATE CONCERN\n\nThe Department\xe2\x80\x99s subject matter experts have confirmed that at least one electric grid-\nrelated presentation created by Commission staff should have been classified and\nprotected from release at the time it was created. Based on preliminary information, we\ndetermined that the presentation was accessible to, and in specific instances, was viewed\nand handled by Commission employees who may not have had personnel security\nclearances and thus, were not fully aware of their obligation to protect the information.\nSimilarly, the document was reported to have been maintained on portable electronic\nequipment and transmitted via unsecured means. Finally, the document, and/or the\nessence of its contents, may, in whole or in part, have been provided to both Federal and\nindustry officials in unclassified settings. The methods used in creating and distributing\nthis document led us to the preliminary conclusion that the Commission may not possess\nadequate controls for identifying and handling classified national security information.\n\x0c                                            2\n\n\nAs you are aware, the materials in question raise concerns with the security and integrity\nof our Nation\xe2\x80\x99s critical energy infrastructure, including the Nation\xe2\x80\x99s power grid. We are\nespecially concerned with reports that the document that was not properly classified and\nmay currently be stored on unclassified Commission servers, as well as on current and\nformer Commission employees\xe2\x80\x99 desktop computers, laptops, portable electronic devices,\nand copiers. These are the main reasons for the urgency of this management alert.\n\nRECOMMENDATIONS\n\nAlthough the analysis on which this alert is based is preliminary, we have concluded that\nthe Commission should take immediate action to ensure that the information referred to\nin this management alert is afforded maximum protection. Consequently, we recommend\nthat the Acting Commission Chairman:\n\n   1. Move immediately to protect the information in question by identifying and\n      securing any/all source data, studies and modeling material, including supporting\n      reports and presentations. The search for such information should be\n      comprehensive, including hard copy data and information stored or transmitted\n      via email and all electronic systems which contain relevant information. In the\n      case of electronic data, all systems (to include copiers, client computers, handheld\n      and/or tablets as well as email and other servers) containing data related to or\n      supporting the information should be taken out of service and segregated from\n      unclassified networks until the actions taken in Recommendation 2 are complete.\n\n   2. Immediately seek assistance from appropriate program/staff offices within the\n      Department of Energy, or any other Federal entity with appropriate original\n      classification authority in this matter, to ensure that the information in question\n      and any associated source material, reports and/or presentations are properly\n      classified and secured. As necessary, assistance should also be obtained to ensure\n      that any required remedial action is completed expeditiously (i.e.\n      computer/electronic device sanitizing, secure storage of any information deemed\n      to be classified, etc.).\n\n   3. Ensure that all current and former handlers of the material are fully apprised and\n      acknowledge their duty to protect all classified information.\n\n   4. Segregate and secure all classified information discovered during the searches\n      conducted pursuant to Recommendation 1 in an approved classified repository.\n      Such data should also be made available to Office of Inspector General employees\n      engaged in the on-going review.\n\x0c                                            3\n\n\nPATH FORWARD\n\nPlease advise us of the actions the Commission plans to take with regard to the\nrecommendations. The Office of Inspector General\xe2\x80\x99s review is ongoing.\n\nWe appreciate your cooperation in this matter.\n\nMANAGEMENT REACTION\n\nFederal Energy Regulatory Commission (Commission) Acting Chairman LaFleur\nindicated to us that she has reviewed the management alert and has instructed\nCommission staff to implement its recommendations promptly, and to give them top\npriority.\n\x0c'